Top

Mobile Networks and Applications

Published in:

09-08-2018

A Survey of Android Mobile Phone Authentication Schemes

Authors: Douglas Kunda, Mumbi Chishimba

Published in: Mobile Networks and Applications | Issue 6/2021

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

The Android operating system is the most popular mobile operating system resulting in a great number of applications being developed for the platform. This makes them vulnerable to security threats such as social engineering, shoulder surfing and Malware. Therefore, Android devices require a secure authentication scheme in order to control access to the device. This paper briefly discusses the mobile security threats, the authentication protocols and Android Security. Then the paper presents an analysis of some of the authentication schemes that are used in mobile devices and some of the threats and technical issues faced. Authentication schemes discussed include password/pin, pattern based authentication, fingerprint recognition, facial recognition, vocal recognition and iris based authentication. In discussing the various authentication methods, it was observed that while biometric based authentication schemes offered the greatest level of security, there was always a trade-off between computational complexity and ease of use/implementation/cost that ensured that more traditional authentication schemes, while not as secure as biometric schemes, are still widely used in mobile devices.

previous article Fuzzy Logic with Expert Judgment to Implement an Adaptive Risk-Based Access Control Model for IoT

next article Privacy in Cross-User Data Deduplication

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

ATZelektronik

Die Fachzeitschrift ATZelektronik bietet für Entwickler und Entscheider in der Automobil- und Zulieferindustrie qualitativ hochwertige und fundierte Informationen aus dem gesamten Spektrum der Pkw- und Nutzfahrzeug-Elektronik.

Lassen Sie sich jetzt unverbindlich 2 kostenlose Ausgabe zusenden.

inform now

ATZelectronics worldwide

ATZlectronics worldwide is up-to-speed on new trends and developments in automotive electronics on a scientific level with a high depth of information.

Order your 30-days-trial for free and without any commitment.

inform now

Kharpal A (2016) Google Android hits market share record with nearly 9 in every 10 smartphones using it. [Online]. Available: https://www.cnbc.com/2016/11/03/google-android-hits-market-share-record-with-nearly-9-in-every-10-smartphones-using-it.html. [Accessed: 13 May 2018]

Schlöglhofer R, Sametinger J (2012) Secure and usable authentication on mobile devices. In: Khalil I (ed) Proceedings of the 10th International Conference on Advances in Mobile Computing & Multimedia (MoMM ‘12), p 257–262

Hashizume K, Rosado DG, Fernández-Medina E, Fernandez EB (2013) An analysis of security issues for cloud computing. J Internet Serv Appl 4(1):1–13CrossRef

Nagpal D, Sharma D (2016) Survey on threats attacks and implement ation of security in cloud infrastructure. Int J Res Comput Appl Robot 4(5):55–61

Patel SN, Pierce JS, Abowd GD (2004) A gesture-based authentication scheme for untrusted public terminals. In: Proceedings of the 17th annual ACM symposium on User interface software and technology - UIST ‘04

Maydebura SV, Jeong DH, Yu B (2013) Understanding environmental influences on performing password-based mobile authentication. In: 2013 IEEE 14th International Conference on Information Reuse & Integration (IRI), p 728–731

Greitzer FL, Strozer JR, Cohen S, Moore AP , Mundie D, Cowley J (2014) Analysis of unintentional insider threats deriving from social engineering exploits. In: Proceedings - IEEE Symposium on Security and Privacy, vol. 2014–January, p 236–250

Chantal M, Lee SW, Kim KH (2017) A security analysis and reinforcement design adopting fingerprints over drawbacks of passwords based authentication in remote home automation control system. In: Proceedings of the 6th International Conference on Informatics, Environment, Energy and Applications - IEEA ‘17, New York, New York, USA, p 71–75

Singh V, Sharma K (2016) Smartphone security. In: Proceedings of the Second International Conference on Information and Communication Technology for Competitive Strategies - ICTCS ‘16, New York, New York, USA, p 1–3

10.

Krupskiy A, Blessinga R, Scholte J, Jansen S (2017) Mobile software security threats in the software ecosystem, a call to arms. In: International Conference of Software Business. Springer, Cham, pp 161–175

11.

Shen J, Gui Z, Ji S, Shen J, Tan H, Tang Y (2018) Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks. J Netw Comput Appl 106:117–123CrossRef

12.

Lin Q, Yan H, Huang Z, Chen W, Shen J, Tang Y (2018) An ID-based linearly homomorphic signature scheme and its application in Blockchain. IEEE Access 6:20632–20640CrossRef

13.

Al-Riyami SS, Paterson KG (2003) Certificateless public key cryptography. Springer, Berlin, Heidelberg, pp 452–473MATH

14.

Li J, Sun L, Yan Q, Li Z, Srisa-an W, Ye H (2018) Significant permission identification for machine learning based android malware detection. In: IEEE Transactions on Industrial Informatics. IEEE. https://doi.org/10.1109/TII.2017.2789219

15.

Schmidt A, Schmidt H, Clausen J, Camtepe A, Albayrak S (2008) Enhancing security of linux-based android devices. In: Proceedings of 15th International Linux Kongress

16.

Android Open Source Project (2017) Android open source project. [Online]. Available: https://source.android.com/. [Accessed: 13-May-2018]

17.

Smalley S, Craig R (2013) Security Enhanced (SE) Android: Bringing Flexible MAC to Android. 20th Annual Network and Distributed System Security Symposium, vol. 310, p 20–38

18.

Rashidi B, Fung C (2015) A survey of android security threats and defenses. JoWUA 6(3):3–35

19.

Ahmed O, Sallow A (2017) Android security: a review. Acad J Nawroz Univ 6(3):135–140CrossRef

20.

Cai Z, Yan H, Li P, Huang ZA, Gao C (2017) Towards secure and flexible EHR sharing in mobile health cloud under static assumptions. Clust Comput 20(3):2415–2422CrossRef

21.

Harbach M, De Luca A, Egelman S (2016) The anatomy of smartphone unlocking. In: Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems - CHI ‘16, New York, New York, USA, p. 4806–4817

22.

Nguyen TV, Sae-Bae N, Memon N (2017) DRAW-A-PIN: authentication using finger-drawn PIN on touch devices. Comput Secur 66:115–128CrossRef

23.

Ye G, Tang Z, Fangy D, Cheny X, Kimz KI, Taylorx B, Wang Z (2017) Cracking android pattern lock in five attempts. In: Proceedings 2017 Network and Distributed System Security Symposium 2017 (NDSS'17), Reston VA

24.

Uddin MN, Sharmin S, Hasnat A, Ahmed S, Hasan E (2011) A survey of biometrics security system. IJCSNS 11(10):16–23

25.

Vazquez-Fernandez E, Gonzalez-Jimenez D (2016) Face recognition for authentication on mobile devices. Image Vis Comput 55:31–33CrossRef

26.

Jakobsson M, Shi E, Golle P, Chow R (2009) Implicit authentication for mobile devices. USENIX Association

27.

Khan MK, Zhang J, Wang X (2008) Chaotic hash-based fingerprint biometric remote user authentication scheme on mobile devices. Chaos, Solitons Fractals 35(3):519–524CrossRef

28.

Matsumoto T, Matsumoto H, Yamada K, Hoshino S (2002) Impact of artificial ‘gummy’ fingers on fingerprint systems. In: Proceedings of SPIE Vol. #4677, Optical Security and Counterfeit Deterrence Techniques IV, vol. 4677, p 275–289

29.

Derakhshani R, Schuckers SAC, Hornak LA, O’Gorman L (2003) Determination of vitality from a non-invasive biomedical measurement for use in fingerprint scanners. Pattern Recogn 36(2):383–396CrossRef

30.

Bourlai T, Hornak LA (2016) Face recognition outside the visible spectrum. Image Vis Comput 55:14–17CrossRef

31.

Dave G, Chao X, Sriadibhatla K (2010) Face recognition in mobile phones. Department of Electrical Engineering Stanford University, USA

32.

Johnson RC, Scheirer WJ, Boult TE (2013) Secure voice based authentication for mobile devices: vaulted voice verification. Proceedings of SPIE 8712, Biometric and Surveillance Technology for Human and Activity Identification X, 87120P. https://doi.org/10.1117/12.2015649

33.

Gragnaniello D, Sansone C, Verdoliva L (2015) Iris liveness detection for mobile devices based on local descriptors. Pattern Recogn Lett 57:81–87CrossRef

34.

Kim D, Jung Y, Toh K-A, Son B, Kim J (2016) An empirical study on iris recognition in a mobile phone. Expert Syst Appl 54:328–339CrossRef

35.

Jung Y, Kim D, Son B, Kim J (2017) An eye detection method robust to eyeglasses for mobile iris recognition. Expert Syst Appl 67:178–188CrossRef

36.

Nok Nok Labs, Four barriers to adopting strong authentication. [Online]. Available: https://www.noknok.com/sites/default/files/whitepapers/4barrierswhitepaper_0.pdf. [Accessed: 20 Jun 2017]

Title: A Survey of Android Mobile Phone Authentication Schemes
Authors: Douglas Kunda
Mumbi Chishimba
Publication date: 09-08-2018
Publisher: Springer US
Published in: Mobile Networks and Applications / Issue 6/2021
Print ISSN: 1383-469X
Electronic ISSN: 1572-8153
DOI: https://doi.org/10.1007/s11036-018-1099-7

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

ATZelektronik

ATZelectronics worldwide

Other articles of this Issue 6/2021

Artificial Intelligence in Collaborative Computing

Deep Learning Based Customer Preferences Analysis in Industry 4.0 Environment

TA-BiLSTM: An Interpretable Topic-Aware Model for Misleading Information Detection in Mobile Social Networks

Point-of-Interest Recommendation with User’s Privacy Preserving in an IoT Environment

A Novel Visual Medical Image Encryption for Secure Transmission of Authenticated Watermarked Medical Images

Secure and Usable Handshake Based Pairing for Wrist-Worn Smart Devices on Different Users